Learn Step by Step Web Hacking and Penetration Testing

What you'll learn
Understand and perform the basic steps in order to performa penetration testing of a web application
Understand web application's security principles and potential dangers
Be able to gather information about your target
You will learn how to find vulnerabilities in your target web application
Exploit found vulnerabilities and get control over remote servers
Understand the penetration testing process
As a web application developer you will understand how to secure your application
Requirements
Basic IT skills
Basic knowledge of Linux and/or Windows
Understand basic computer networking
Description
In order to protect yourself from hackers, you must think as one.
This training is based on a practical approach of day-by-day situations and it contain labs based on real environments.
In this course, you will start as a
beginner
with no previous knowledge about penetration testing or hacking.
This course is focused on the
practical side of penetration
testing without neglecting the theory behind each attack. Before jumping into penetration testing, you will first learn how to
set up a lab and install needed software
to practice penetration testing on your own machine.
The course objective is to help you learn to master the (ethical) hacking techniques and methodology that are used in penetration systems. The course is designed for IT passionate, network and system engineers, security officers.
Once you understand how websites work we will start talking about how can we
exploit these components
. This course will take you
from a beginner to a more advanced level --
so you will be able to launch attacks and test the security of websites and web applications, and furthermore
you'll be able to help fixing these vulnerabilities
and
secure websites
from them.
Below are the main topics, both
theoretical and practical
, of this course
Core problems (Causes. Defences)
Web Technologies (HTTP Protocol, Web Functionality, Encoding)
Mapping (Spidering and Analysing)
Attacking Authentication (Technologies, Flaws, Fixes, Brute Force)
Attacking Session Management (State, Tokens, Flaws)
Attacking Access Controls (Common Vulnerabilities, Attacks)
Attacking Data Stores (SQL Injection, Bypassing Filters, Escalation)
Bypassing Client-Side Controls (Browser Interception, HTML interception, Fixes)
Attacking the server (OS command Injection, Path Traversal, Mail Injection, File Upload)
Attacking Application Logic
Cross Site Scripting
Attacking Users (CSRF, ClickJacking, HTML Injection)
OWASP Top Ten Vulnerabilities
Network Attacks
Labs
Spidering, Website Analyser
Brute-Force
Session Hijacking via Mann-in-The-Middle
Get Gmail or Facebook Passwords via SSLStrip
SQL Injection
Upload File and Remote Execution
Cross-Site Scripting (Stored + Reflected, Cookie Stealing, Preventing XSS)
CSRF (Change password trough CSRF vuln., Preventing CSRF)
NOTE: This course is created only for educational purposes and all the attacks are launched in an isolated lab environment.
Who this course is for
Web developers
Anyone who want to learn the ethical hacking and penetration testing process
IT students and/or passionate
Anyone who wants to start or develop a career in it security field or as "ethical hacker"
Homepage

https://www.udemy.com/course/web-application-ethical-hacking